Pages

Monday, 28 September 2015

Vulnerabilities In Windows Version TrueCrypt Discovered

In the Windows version of the ever popular encryption program TrueCrypt and the derivative Vera Crypt has a Google security researcher found leaking. It involves two different vulnerabilities allow a local attacker's rights on the system could increase.

The problems are caused by the way the encryption programs deal with drive letters and tokens. According to Mounir Idrassi, the developer of Vera Crypt, the problem with the drive letters a critical problem. In the case of Vera Crypt vulnerability is now patched in version 1.15, which will be released soon. TrueCrypt however, is no longer supported,allowing users of this software remain vulnerable.

Last year the developers of TrueCrypt indicated that they stopped supporting the software and it was unsafe to continue using the program. In response, decided to Idrassi Vera Crypt develop. It involves a fork, a spin-off on the original TrueCrypt source code is based. Idrassi however has made ​​several improvements to provide more protection. In addition, Vera Crypt actively supported.